so i ran across this video (warning: limp bizkit soundtrack. some hackers have no taste.) today that was instructional on how to get yourself SYSTEM access on any windows xp machine (system access is, of course, higher than admin access, so you can pretty much run the gamut once you're in).
this can be executed even from a guest account.
jeremy also theorizes (based on this information on the AT command) that this could also be done over any local network, making it possible to hijack a server and install your own backdoor.
here is my version of how to make this happen (so you don't have to listen to limp bizkit for three goddamned minutes).
----
1. once logged into a winxp machine, run the command prompt (start menu > run… > cmd).
2. in the command prompt, type this code:
at hh:mm* /interactive "cmd.exe"
*hh:mm is the time (hours and minutes). set it at least a minute ahead of the winxp clock's current time, and remember that the command prompt uses a 24-hour clock, not a 12-hour clock, so 8:22 pm would be 20:22. thus, the real command would look like this:
at 20:22 /interactive "cmd.exe"
3. once the time you set passes and the new command prompt pops up, close the command prompt you originally typed the command in.
4. press control+alt+delete. this brings up the security console. choose "task manager."
(at this point, arguably, a better way to open task manager would be to right click on the windows taskbar and choose 'task manager' from the menu that appears.)
5. in task manager, choose the "processes" tab. in the processes tab, find "explorer.exe".
6. once found, highlight explorer.exe and click the "end process" button.
7. at this point, explorer should shut down, and the only thing left running will be your command prompt window.
8. this command prompt window will start in the directory C:\windows\system32\ by default. type "cd .." to move up one directory (the base windows directory).
9. once in the C:\windows\ directory, type "explorer.exe". this will run explorer once again, and windows will spring to life around you.
10. once back in the OS, check what user you are logged in as. if done correctly, you will see that you are no longer whatever account you logged in as, you are now SYSTEM.
11. do whatever the fuck you want. reset the admin password if you feel like it. you are the god of fuck to this computer now.
----
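a defender-side check for the procedure above, as an added example that is not part of the original post: it flags an `at` job scheduled with `/interactive` and an explorer.exe running as SYSTEM (explorer normally runs as the logged-on user, so step 9 leaves that trace). the event records are constructed samples in a made-up field layout (ts, user, image, cmdline), not a real windows event log format.

```python
# Added example, not from the original post: detection heuristics for the
# 'at /interactive cmd.exe' escalation above. SAMPLE_EVENTS are constructed
# process-start records in a made-up layout, not a real Windows event format.
SYSTEM_ACCOUNTS = {"nt authority\\system", "system"}

def _basename(path):
    """Lower-cased file name of a Windows path or bare command."""
    return path.strip('"').lower().rsplit("\\", 1)[-1]

def is_interactive_at(cmdline):
    """True if the command line is AT scheduling an /interactive job,
    e.g. 'at 20:22 /interactive "cmd.exe"' (casing and quoting vary)."""
    argv = cmdline.split()
    if not argv or _basename(argv[0]) not in ("at", "at.exe"):
        return False
    return any(arg.lower() == "/interactive" for arg in argv[1:])

def explorer_as_system(proc):
    """True if explorer.exe runs as SYSTEM; the shell normally runs as the
    logged-on user, so this is the footprint left by steps 6-9 above."""
    return (_basename(proc["image"]) == "explorer.exe"
            and proc["user"].lower() in SYSTEM_ACCOUNTS)

def scan(events):
    """Return (timestamp, reason) alerts for every suspicious record."""
    alerts = []
    for ev in events:
        if is_interactive_at(ev["cmdline"]):
            alerts.append((ev["ts"], "interactive AT job scheduled by " + ev["user"]))
        if explorer_as_system(ev):
            alerts.append((ev["ts"], "explorer.exe running as SYSTEM"))
    return alerts

# Constructed sample records: one escalation sequence plus benign noise.
SAMPLE_EVENTS = [
    {"ts": "20:21:10", "user": "HOST\\guest", "image": r"C:\WINDOWS\system32\at.exe",
     "cmdline": 'at 20:22 /interactive "cmd.exe"'},
    {"ts": "20:21:30", "user": "HOST\\alice", "image": r"C:\WINDOWS\system32\at.exe",
     "cmdline": "at 23:00 backup.cmd"},  # ordinary scheduled job, no /interactive
    {"ts": "20:22:01", "user": "NT AUTHORITY\\SYSTEM", "image": r"C:\WINDOWS\system32\cmd.exe",
     "cmdline": "cmd.exe"},
    {"ts": "20:23:15", "user": "NT AUTHORITY\\SYSTEM", "image": r"C:\WINDOWS\explorer.exe",
     "cmdline": "explorer.exe"},
    {"ts": "20:23:40", "user": "HOST\\alice", "image": r"C:\WINDOWS\Explorer.EXE",
     "cmdline": "explorer.exe"},
]

if __name__ == "__main__":
    for ts, reason in scan(SAMPLE_EVENTS):
        print(ts, reason)  # two alerts: the AT job and the SYSTEM explorer
```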
EDIT: Jeremy says:
Well, a smart sysadmin… one) wouldn’t be a MS sysadmin and two) would set stringent permissions on the AT command.
Because this has been open since NT 4.0.
But… Circuit City on the other hand.
EDIT #2: here is another gem from jeremy. a link to a nice and fast windows password cracker.
now that’s some useful information
I want to reactivate my sound card on my computer at work. I know I’d be able to do that with this method but the shitty thing is I’d have to log on with my user ID first just to do it. So that’s a no go unless I can get on with a guest account.
you don't NEED a guest account. you can do it from any account. what, do they log what you do on your account? i'm not sure if they can log what you do in a dos window, or if they would even recognize that you had switched users.
i dunno, fill me in more on why you think this wouldn't work, because i'm pretty sure you could get away with it.
you could always just give yourself specific rights to the sound card settings and nothing else, and just turn the soundcard back off whenever you leave work.
unless logging off (in other words, being logged in as 'SYSTEM') for a few minutes at the beginning and end of work every day looks suspicious to whoever might look at the logs...which it probably should, knowing this, haha.
I’m not sure what they know but I know that if we are late punching in on our timecard they can go see when we logged on to our computer.
So, yeah, I think that seeing me log on and then user was switched to SYSTEM, might be a little suspicious.
i'll have to set up my own system logs to be sure, but it seems that this doesn't ever actually log you out or back in. it just kills and restarts explorer.exe. i doubt something like this would get logged, because the log might not know what it's looking for in a situation like this. it's not like manually logging in in any manner. so there's a good chance you could get away with it.
i'll get back to you with more info.